Page Comparison

Cluster Name

Provide a unique cluster name

License

Upload your Kyvos license file, and click UPLOAD

Installation Path

Provide the installation path for Kyvos

Authentication

User Name

Enter your username for authentication.

Authentication Type

• Private Key: Choose and Upload the Private Key file.

• Password: Provide your credentials.
  NOTE: To use password authentication for instances while deployment, ensure that the instances have been configured for using Password-based authentication.

Configure Kyvos Services on Cloud

Select Instance by

• IP Address: Select this option for IP Address-based deployment.

• Hostname:  Select this option for hostname-based deployment. In this case, you can deploy the cluster using custom hostnames for nodes to be used for Kyvos services. 

  • Click the Use custom hostname for selected nodes link to specify or map a custom hostname for the selected BI Server, Query Engine, and Kyvos Manager/repository node.
    NOTE: Ensure that the instances have been configured for using Custom hostnames.

Deployment

Select None (node mapping manually) option. 

Fetch Resources

Click the link to get a list of externally created resources.

Deploy BI Server, Query Engine, and Web Portal Kyvos Services on <IP address> instance

This checkbox is displayed only when you select the None (node mapping Manually) option from the Deployment list. 

NOTE: By default, this checkbox is disabled. 

Virtual machines for BI Server

Select the VMs to be used for Kyvos BI Server from the drop-down list.

Query Engine Scale Set

Select the scale set to be used for the Kyvos Query Engine scale set from the drop-down list.

Virtual Machines for Query Engine

Select the VMs to be used for the Kyvos Query Engine from the drop-down list.

Virtual machines for Web Portal

Provide a comma-separated list of IP Addresses/Hostnames for the VMs to be used as Web portal instances.

Repository

Shows the IP Address/Hostname of the Kyvos Manager node that will be used as the Repository. 

Repository Password

Provide the Postgres repository password.

Storage

ABFS Account Name

Provide the ABFS Account Name to be used for storage.

Container name

Provide the Container Name to be used for storage.

Databricks

Databricks Cluster Id

Enter the ID of the cluster you created. To obtain this ID, click the Cluster Name on the Clusters page in Databricks.
The page URL shows <https://<databricks-instance>/#/settings/clusters/<cluster-id>>

File System Type

Select the type of file system to be used in Databricks.

Organization Id

Provide the Organization ID for the Azure environment. It is the number after o= in the workspace URL.

Databricks URL

Provide the URL in <https://<account>.cloud.databricks.com> format.
Example: https://centralus.azuredatabricks.net/

Vault URL

Enter your existing Azure Key Vault URL.
Optionally, you can create your own Key Vault for use with Kyvos. 

Databricks Authentication 

 Select the authentication type for the Databricks cluster from:

• AAD Token Using Managed Identity: This option is supported only with premium workspace.

• Personal Access Token

NOTE: Post deployment of the cluster, you can change the Databricks Authentication type from the Databricks page on Kyvos Manager.

• When switching from AAD to PAT, you need to provide personal access token, which is saved as a secret in your Azure Key Vault and is read from there for authentication purposes. For this:

  • Go to Key Vault Secret.

  • Add KYVOS-DATABRICKS-SERVICE-TOKEN-DefaultHadoopCluster01 and provide the DB token value and click Save.

• When switching from AAD to PAT, you need to Configure Managed Identity in Azure Databricks.

Fetch Parameters

• Clicking this will open a new dialog box where you need to provide the following details:

  • fs.azure.account.auth.type: The OAuth input is displayed by default.

  • fs.azure.account.oauth.provider.type: The input for this field is displayed by default.

  • fs.azure.account.oauth2clientID: Enter the managed identity client ID.

  • fs.azure.account.oauth2clientID: Enter the tenant ID.

Function

Function Deployment

Optionally, provide the name of the deployment where your Azure Functions are deployed.

Common

Kyvos Setup Package

Select the Kyvos bundle to be installed. Kyvos Manager contains compatible Kyvos bundles. To use any other Kyvos version, click the Upload button.

Semantic Model Local Path

Enter the semantic model local path where cuboids will be copied. For multiple paths, enter a semicolon-separated list.
NOTE: The deployment user must have full permission on the parent of the local semantic model path.

Automatically restart Kyvos services when down

Select this option to enable high availability mode for the Kyvos service. This will ensure Kyvos services are always up and running. The Kyvos Manager will automatically restart the BI server, query engine, repository, and web portal services, in case any of these services go down

BI Server

Listener Port

Enter the listener port for BI Server.

JMX Port

Enter the JMX port for BI Server health monitoring.

Work Directory

Enter the directory location on HDFS, where BI Server has access permissions.

Memory Configuration Mode

By default, the Auto mode is selected.

In Auto Mode, calculations are performed automatically by the system internally.
In Manual Mode, you can manually provide memory values as needed.
NOTE: The Maximum Heap Memory and Analytical Store Max Memory options are enabled only when you set the memory configuration in the Manual mode.

Maximum Heap Memory

Enter the maximum memory available for BI Server.

Additional Java Options

Use this to define custom Java properties for your BI Server.

Query Engine

Thrift Listener Port

Enter the thrift listener port for Query Engine.

JMX Port

Enter the port for Query Engine health monitoring.

Memory Configuration Mode

By default, the Auto mode is selected. In Auto Mode, calculations are performed automatically by the system internally. In the Manual Mode, you can manually provide memory values as needed.

NOTE:

• The Maximum Heap Memory, Analytical Store Max Memory for Querying, Analytical Store Max Memory for Processing, and Configure Concurrent Processing Task options are enabled only when you set the memory configuration in the Manual mode.

• If you set the memory configuration in the Manual mode, the Configure Concurrent Processing Task option can be enabled as Auto or Manual as needed.

Maximum Heap Memory

Enter the maximum memory for Query Engine.

Analytical Store Max Memory for Querying

Specify analytical store max memory for querying in GB.

Analytical Store Max Memory for Processing

Specify analytical store max memory for processing in GB.

Configure Concurrent Processing Task Count

By default, the Auto mode is selected.

If you select the Manual mode, specify the number of nodes to be used for concurrent processing task count

.

Additional Java Options

Use this to define custom Java properties for your Query Engine.

Web Portal

UI Port

Enter the port on which the Kyvos Web client will run.

JMX Port

Enter the port for Web portal health monitoring.

Shut-down Port

Enter the port to be used for shutting the Tomcat server.

AJP Port

Enter the port on which the AJP connector creates a socket and awaits an incoming connection.

Maximum Heap Memory

Enter the maximum memory for the Web portal.

Additional Java Options

Use this to define custom Java properties for the Web portal.

Network Protocol Configuration

Enable TLS

Select the checkbox to enable TLS for the cluster.
Note: Before enabling TLS, if you are using your own script for resource creation instead of the Kyvos shared scripts, you must rename the OpenSSL configuration file on the Kyvos Manager and the node where the Postgres Service is running. The OpenSSL configuration file is located at /etc/pki/tls/openssl.cnf.

To accomplish this, you will need to have sudo access.

HTTP Protocol Version

Select the HTTP Protocol Version for use with TLS.

Kyvos Web Portal on HTTPS

Select the checkbox to use HTTPS for connecting to Kyvos Web Portal.

TLS Configuration

TLS Protocol

Select the version of SSL/TLS protocol to be used. For multiple versions, select the corresponding checkboxes.

TLS Certificate Mode

Select the mode from Use Path or Upload File.

Keystore

Provide the location of the keystore file. This file is used by the server when secure communication is enabled and required by the client when mutual authentication is enabled.
Example: /data/KM_SNI/Certificate/keystore.jks

Keystore Private Key

Enter the keystore password.

Truststore 

Provide the location (path) to read the trust store file. The client requires this file when secure communication is enabled and required by the server when mutual authentication is enabled.
Example: /data/KM_SNI/Certificate/truststore.jks

Truststore Private Key

Enter the truststore password.

Cipher Suite

Enter the encryption algorithm to be used for communication over the TLS layer.

Enable Mutual Authentication

Select to enable mutual authentication. 
NOTE: This option is displayed only if you have installed the Kyvos cluster using the war bundle. For other modes, Mutual authentication is enabled automatically.

Kyvos Web Portal Configuration

Use same certificate as TLS

Select this option to use the same TLS certificate for Kyvos Web Portal.

Use different certificate

• Certification Mode: Select the Use Path or Upload File option.

• Keystore: Provide the path or upload the Keystore file for the certificate.

• Keystore Private Key: Provide the Keystore Private Key for the certificate.

• Custom Attributes for HTTPS over TLS connector: If needed, provide attributes to be used for the TLS connector.

• Custom Attributes for Mutual Authentication connector: If needed, provide attributes to be used for the HTTPS connector.